Tau.Acuvim/portal/docker-compose.yml

# Local development stack.
# For production, see docker-compose.prod.yml (Traefik labels, no host ports, no anon Grafana).
services:
  portal:
    build: .
    container_name: ${COMPOSE_PROJECT_NAME:-portal-dev}_portal
    ports:
      - "8080:8080"
    environment:
      - ASPNETCORE_ENVIRONMENT=${ASPNETCORE_ENVIRONMENT:-Development}
      - Database__ConnectionString=Host=timescaledb;Port=5432;Database=${POSTGRES_DB:-power_monitoring};Username=${POSTGRES_USER:-power_user};Password=${POSTGRES_PASSWORD:-change_me_for_local_only}
      - Database__AutoProvisionLocalTimescaleDb=false
      # In the container the writable volume is /data/branding (Dockerfile chowns it).
      # The appsettings.Development.json override of LogoStoragePath is for local `dotnet run`, not Docker.
      - WhiteLabel__LogoStoragePath=/data/branding
      - Authentication__DefaultAdminEmail=${Authentication__DefaultAdminEmail:-admin@example.com}
      - Authentication__DefaultAdminPassword=${Authentication__DefaultAdminPassword:-ChangeMe123!}
      - Grafana__BaseUrl=http://localhost:3001
      - Grafana__InternalUrl=http://grafana:3000
      # RunMode: Client (default) or Admin. Override in .env to test fleet aggregation locally.
      - Application__RunMode=${Application__RunMode:-Client}
      # Fleet ingest (Client mode): set Enabled=true + Url + Token to enable the push background service.
      - FleetIngest__Enabled=${FleetIngest__Enabled:-false}
      - FleetIngest__Url=${FleetIngest__Url:-}
      - FleetIngest__Token=${FleetIngest__Token:-}
      - FleetIngest__IntervalSeconds=${FleetIngest__IntervalSeconds:-60}
      - FleetIngest__BatchSize=${FleetIngest__BatchSize:-5000}
    depends_on:
      timescaledb:
        condition: service_healthy
    volumes:
      - portal-keys:/data/keys
      - portal-branding:/data/branding

  timescaledb:
    image: timescale/timescaledb:2.17.2-pg16
    container_name: ${COMPOSE_PROJECT_NAME:-portal-dev}_timescale
    ports:
      - "5433:5432"
    environment:
      - POSTGRES_DB=${POSTGRES_DB:-power_monitoring}
      - POSTGRES_USER=${POSTGRES_USER:-power_user}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-change_me_for_local_only}
    volumes:
      - timescale-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-power_user} -d ${POSTGRES_DB:-power_monitoring}"]
      interval: 5s
      timeout: 5s
      retries: 10

  grafana:
    image: grafana/grafana:11.4.0
    container_name: ${COMPOSE_PROJECT_NAME:-portal-dev}_grafana
    ports:
      - "3001:3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD:-admin}
      - GF_SECURITY_ALLOW_EMBEDDING=true
      - GF_AUTH_ANONYMOUS_ENABLED=true
      - GF_AUTH_ANONYMOUS_ORG_ROLE=Viewer
      - GF_USERS_ALLOW_SIGN_UP=false
      - POSTGRES_DB=${POSTGRES_DB:-power_monitoring}
      - POSTGRES_USER=${POSTGRES_USER:-power_user}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-change_me_for_local_only}
    volumes:
      - grafana-data:/var/lib/grafana
      - ./grafana/provisioning:/etc/grafana/provisioning:ro
      - ./grafana/dashboards:/var/lib/grafana/dashboards:ro
    depends_on:
      timescaledb:
        condition: service_healthy

volumes:
  portal-keys:
  portal-branding:
  timescale-data:
  grafana-data: